security

AWS can deploy one EC2 Key Pair to your EC2 instance. But this approach has several disadvantages:
You can only use one key per EC2 instance. But you shouldn’t share keys between users.
Access to EC2 instances via SSH cannot be restricted to specific ...

If your developers create their own infrastructure in minutes, who cares about security? In some organizations the security teams become the new bottleneck if the company wants to deploy every commit to production, because manual reviews can’t be done for every commit. Teri Radichel’s paper Balancing Security and Innovation With Event Driven Automation shows how you can use AWS to tackle the security bottleneck problem.
I will briefly summarize her work and encourage you to read the whole paper and have ...

Lock and key devices have been used by mankind for more than 6,000 years. Whether mechanical, electrical or digital, the concept stays the same: a key is needed to access resources behind a lock. Technology has made incredible progress since then. But one pro...

As a DevOps engineer, I love to work with the AWS Command Line Interface (CLI) to control various AWS resources in a (half-)automated way. To be able to do so, it is necessary to store access keys on my local machine. These access keys (access key ID an...

To eliminate human error as much as possible I advised you to follow the idea of Infrastructure as Code implemented by AWS CloudFormation. Changes to your infrastructure like launching a new virtual server or making changes to a firewall configuration are no longer done manually. Instead you change the description of your infrastructure and let CloudFormation apply the changes. A common problem with CloudFormation is manual changes to resources managed by CloudFormation. A manual change to your AWS accou...

You can track every change made to your AWS account with CloudTrail. Did you know that you can also monitor your AWS account in near real time with custom rules specific to your use case?
By combining CloudTrail, S3, SNS, and Lambda, you can run a piece...

Your AWS account is one of the most valuable things you own if you run a business on AWS. If you only own a single AWS account, you’re facing a serious security risk! The post will show you why this is a problem and how you can solve it.
This post receive...

Are you part of a highly motivated DevOps team? Use marbot, a friendly chatbot, to forward all kinds of alerts from your AWS infrastructure to Slack. Alerts are escalated across your team automatically, allowing you to focus on your daily work.